Canadian Journal of Law and Technology


end-user license agreements, privacy policies, access to information, copyright law review


This article presents our interdisciplinary analysis of end-user license agreements and privacy policies from a sample of 22 consumer goods/services connected to the Internet of Things (IoT). We gathered data in the form of legal documents and assessed them from legal and economic perspectives. We developed an original taxonomy of IoT-connected consumer goods/services, classified different business models built around them, and reviewed legal terms and conditions related to their use.

Our analysis identifies copyright related restrictions and brings to light issues beyond copyright that merit consideration in the context of a review of copyright law and policy. First, we find that even obtaining legal information on smart products, including software license restrictions and other copyright limitations, is a difficult and time-consuming exercise. Second, our analysis of business models shows interoperability of platforms within an ecosystem of third-party devices and applications, but restrictions that limit interoperability across ecosystems. Third, terms and conditions of consumer use of smart devices in our sample are set up to allow for the collection and transfer of personal data, often sensitive data, in addition to all data collected by the companies from other sources such as social media. Fourth, our study shows that software licensing is now common practice among smart device manufacturers.

Based on these findings, we make recommendations to address the issues of accessibility of legal information, data portability, interoperability of systems, and competition. We recommend that governments cooperate with industry, consumer, and public interest groups to: (1) promote labelling standards to help consumers locate and understand the terms on which they acquire and use IoT products and services; (2) support open standards and protocols to facilitate interoperability across platforms; (3) integrate data portability and related issues with ongoing discussions about not only copyright reform but also reforms to privacy laws and other digital rights; and (4) take seriously the relevant recommendations of the Parliamentary Committee for revision to the Copyright Act.